When you onboard a node to Azure Arc, the server also receives a system-assigned managed identity. This managed identity gives the server a unique security identity and lets you delegate permissions to it for Azure resources such as Azure Key Vault. With this managed identity, you can create and manage Azure resource access policies and access controls, and use it to securely authenticate and authorize your server to access Azure services and resources. This opens up many more possibilities and use cases for Azure Arc, and allows you to better secure and manage your hybrid and multi-cloud environments.
Unleash the Power of Azure Arc for Servers
Install-Module -Name Az.ManagedServiceIdentity -Force -Verbose
Run the following command to list all the cmdlets in the Az.ManagedServiceIdentity PowerShell module:
- Get-Command -Module Az.ManagedServiceIdentity
Get-AzFederatedIdentityCredentials
Get-AzSystemAssignedIdentity
Get-AzUserAssignedIdentity
Get-AzUserAssignedIdentityAssociatedResource
New-AzFederatedIdentityCredentials
New-AzUserAssignedIdentity
Remove-AzFederatedIdentityCredentials
Remove-AzUserAssignedIdentity
Update-AzFederatedIdentityCredentials
Update-AzUserAssignedIdentity
Get-AzSystemAssignedIdentity gets the system-assigned identity available under the specified resource provider (RP) scope.
Get-AzSystemAssignedIdentity -Scope "/subscriptions/XXXXXX/resourceGroups/RG-PROD-IT-ARC/providers/Microsoft.HybridCompute/machines/ADFS01"
Get-AzSystemAssignedIdentity lists the following information
I also made an Excel spreadsheet that lists all the commands. You can download this from my GitHub repository.
You can download the Excel Spreadsheet from here – AzureArc/Az.ManagedServiceIdentity v1.1.0 cmdlets.xlsx at main · Kaidja/AzureArc (github.com)
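To tie the Get-AzSystemAssignedIdentity lookup back to the Key Vault delegation mentioned at the top, here is an added example (not code from the original post) that resolves the Arc server's identity, reviews its existing role assignments, and grants one narrowly scoped role. The vault name `kv-example`, its resource group, and the choice of the built-in `Key Vault Secrets User` role are assumptions, as is a vault that uses the Azure RBAC permission model.

```powershell
# Added example: values marked "assumed" are placeholders, not values from the post.
# Requires Az.ManagedServiceIdentity, Az.Resources, Az.KeyVault and a Connect-AzAccount session.
$machineId = "/subscriptions/XXXXXX/resourceGroups/RG-PROD-IT-ARC/providers/Microsoft.HybridCompute/machines/ADFS01"
$vaultName = "kv-example"               # assumed vault name
$vaultRg   = "RG-PROD-IT-ARC"           # assumed: vault is in the same resource group
$roleName  = "Key Vault Secrets User"   # built-in role: read secret values only (RBAC vaults)

# 1. Resolve the Arc server's system-assigned identity to its directory object id.
$identity = Get-AzSystemAssignedIdentity -Scope $machineId
if (-not $identity.PrincipalId) {
    throw "No system-assigned identity found for $machineId"
}

# 2. Review what the identity can already do; flag broad roles or broad scopes.
$broadRoles = 'Owner', 'Contributor', 'User Access Administrator'
$existing = @(Get-AzRoleAssignment -ObjectId $identity.PrincipalId)
foreach ($a in $existing) {
    $isBroadRole  = $a.RoleDefinitionName -in $broadRoles
    # Scopes above resource-group level have no /resourceGroups/ segment.
    $isBroadScope = $a.Scope -notmatch '/resourceGroups/'
    [pscustomobject]@{
        Role   = $a.RoleDefinitionName
        Scope  = $a.Scope
        Review = if ($isBroadRole -or $isBroadScope) { 'REVIEW' } else { 'ok' }
    }
}

# 3. Grant the single role the server needs, scoped to one vault only.
$vault = Get-AzKeyVault -VaultName $vaultName -ResourceGroupName $vaultRg
if (-not $vault) { throw "Key vault $vaultName not found in $vaultRg" }

$already = $existing | Where-Object {
    $_.RoleDefinitionName -eq $roleName -and $_.Scope -eq $vault.ResourceId
}
if (-not $already) {
    New-AzRoleAssignment -ObjectId $identity.PrincipalId `
        -RoleDefinitionName $roleName -Scope $vault.ResourceId
}
```

Scoping the assignment to the vault's resource ID rather than the resource group or subscription keeps a compromised server from reading secrets in any other vault.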